cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vijay <vijay2...@gmail.com>
Subject Re: Client traffic encryption best practices....
Date Fri, 12 Aug 2011 04:26:02 GMT
https://issues.apache.org/jira/browse/THRIFT-106 seems to be the right way
to go.... but the cassandra server needs to support too which we might want
to add....

Regards,
</VJ>



On Thu, Aug 11, 2011 at 2:54 PM, Chris Marino <chris@vcider.com> wrote:

> Hello, is there any consensus on how to secure client/cluster
> communications???
>
> I'm running an 8 node cluster across EC2 regions.  I'm running inter-node
> encryption and I want to encrypt the traffic from the clients as well.
>
> My options seem to be:
>
> Have the client connect to only one node and encrypt that one connection
> with OpenVPN/stunnel (or something similar). Or, set up an encrypted tunnel
> from the client to each node. Is there a client library that could take care
> of this for me??
>
> Setting up tunnels to each node is a major pain, but pointing the client to
> only one node is going to kill my performance.  I'm running 4 nodes in each
> EC2 region with one client in each. Maybe I could connect the client only to
> the local nodes, which should simplify things a bit, but I was wondering if
> anyone had any experience with this or could suggest something that might be
> better.
>
> Please let me know.
> Thanks.
> CM
>

Mime
View raw message